package com.cskaoyan.config.shiro;


import com.cskaoyan.bean.param.FileParam;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.List;

@Configuration
public class ShiroConfiguration {
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean filterFactoryBean = new ShiroFilterFactoryBean();
        filterFactoryBean.setSecurityManager(securityManager);
        // 如果想要修改重定向的地址
        // 将重定向url设置为匿名请求，并且响应认证失败的json数据
        // filterFactoryBean.setLoginUrl("/redirect");

        // shiro管理的内部的filter：anon、authc、perms
        // Filter是谁, filter的作用范围是什么，filter的顺序是什么
        // LinkedHashMap
        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        // 这个请求就是登陆请求 → 把当前用户（Subject）变为已经认证的状态

        filterFactoryBean.setLoginUrl("/redirect");
        filterFactoryBean.setUnauthorizedUrl("/redirect");


        filterChainDefinitionMap.put("/wx/auth/*", "anon");
        filterChainDefinitionMap.put("/redirect", "anon");

        filterChainDefinitionMap.put("/wx/user/index", "anon");
        filterChainDefinitionMap.put("/wx/storage/upload", "anon");

        filterChainDefinitionMap.put("/wx/home/**", "anon");

        filterChainDefinitionMap.put("/wx/catalog/**", "anon");
        filterChainDefinitionMap.put("/wx/goods/**", "anon");
        filterChainDefinitionMap.put("/wx/brand/**", "anon");
        filterChainDefinitionMap.put("/wx/search/**", "anon");

        filterChainDefinitionMap.put("/wx/topic/**", "anon");

        filterChainDefinitionMap.put("/wx/comment/list", "anon");
        filterChainDefinitionMap.put("/wx/comment/count", "anon");
        filterChainDefinitionMap.put("/wx/cart/goodscount", "anon");

        filterChainDefinitionMap.put("/wx/coupon/list", "anon");

        filterChainDefinitionMap.put("/admin/auth/*", "anon");
        filterChainDefinitionMap.put("/admin/**", "authc");
        filterChainDefinitionMap.put("/wx/**", "authc");




        filterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);

        // 权限是和URL绑定的，url绑定了Handler方法 → Handler方法和权限绑定
        // filterChainDefinitionMap.put("/admin/user/list", "perms[admin:user:list]");
        return filterFactoryBean;
    }

    @Bean
    public DefaultWebSecurityManager securityManager(DefaultWebSessionManager customSessionManager, CustomRealm realm) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(realm);
        defaultWebSecurityManager.setSessionManager(customSessionManager);
        return defaultWebSecurityManager;
    }

    //前后端分离 会有跨域问题 session会发生变化 shiro中的信息通过session来维护,如果session发生变化 会导致session里的值拿不到
    //可以注册容器中的组件@Component

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

}
